2 cissp ® Official Study Guide Eighth Edition

Automatic Private IP Addressing

Download 19,3 Mb.

Pdf ko'rish

bet	514/881
Sana	08.04.2023
Hajmi	19,3 Mb.
	#925879

1 ... 510 511 512 513 514 515 516 517 ... 881

Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Automatic Private IP Addressing
Automatic Private IP Addressing (APIPA)
, aka link-local address assignment (defi ned in
RFC 3927), assigns an IP address to a system in the event of a Dynamic Host Confi guration
Protocol (DHCP) assignment failure. APIPA is primarily a feature of Windows. APIPA
assigns each failed DHCP client with an IP address from the range of 169.254.0.1 to
169.254.255.254 along with the default Class B subnet mask of 255.255.0.0. This allows
the system to communicate with other APIPA-confi gured clients within the same broadcast
domain but not with any system across a router or with a correctly assigned IP address.
Don’t confuse APIPA with the private IP address ranges, defined in
RFC 1918.
APIPA is not usually directly concerned with security. However, it is still an important
issue to understand. If you notice that a system is assigned an APIPA address instead of a
valid network address, that indicates a problem. It could be as mundane as a bad cable or

Switching Technologies
553
power failure on the DHCP server, but it could also be a symptom of a malicious attack on
the DHCP server. You might be asked to decipher issues in a scenario where IP addresses
are presented. You should be able to discern whether an address is a public address, an
RFC 1918 private address, an APIPA address, or a loopback address.
Converting IP Address Numbers
IP addresses and subnet masks are actual binary numbers, and through their use in
binary, all the functions of routing and traffic management occur. Therefore, it is a good
idea to know how to convert between decimal, binary, and even hexadecimal. Also, don’t
forget how to convert from a dotted-decimal notation IP address (such as 172.16.1.1) to its
binary equivalent (that is, 10101100000100000000000100000001). And it is probably not a
bad idea to be able to convert the 32-bit binary number to a single decimal number (that
is, 2886729985). Knowledge of number conversions comes in handy when attempting to
identify obfuscated addresses. If you are rusty in this skill area, take advantage of online
conversion primers, such as at the following location:
http://www.mathsisfun.com/binary-decimal-hexadecimal-converter.html
The loopback Address
Another IP address range that you should be careful not to confuse with the private
IP address ranges defined in RFC 1918 is the loopback address. The
loopback address
is purely a software entity. It is an IP address used to create a software interface that
connects to itself via TCP/IP. The loopback address allows for the testing of local network
settings in spite of missing, damaged, or nonfunctional network hardware and related
device drivers. Technically, the entire 127.x.x.x network is reserved for loopback use.
However, only the 127.0.0.1 address is widely used.
Switching Technologies
When two systems (individual computers or LANs) are connected over multiple interme-
diary networks, the task of transmitting data packets from one to the other is a complex
process. To simplify this task, switching technologies were developed. The first switching
technology was circuit switching.

Download 19,3 Mb.

Do'stlaringiz bilan baham:

1 ... 510 511 512 513 514 515 516 517 ... 881